Enabling Recursive Queries in NIOS 8.4

To enable recursion on the Grid or member in NIOS 8.4 or earlier, complete the following through Grid Manager (the NIOS GUI):

1. For the Grid: From the Data Management tab, select the DNS tab, expand the Toolbar and click Grid DNS Properties.
   For a Grid Member: From the Data Management tab, select the DNS tab > Members tab > member checkbox -> Edit icon.
   To override an inherited property, click Override next to it and complete the appropriate fields.
2. In the Grid DNS Properties or Member DNS Properties editor, click Toggle Advanced Mode, and then select the Queries tab.
3. Select the Allow recursion checkbox, and then in the Allow recursive queries from section, select one of the following:
   — None: Select this if you do not want to configure access control for recursive queries. When you select None, the appliance allows recursive queries from all clients. This is selected by default.
   — Named ACL: Select this and click Select Named ACL to select a named ACL. Grid Manager displays the Named ACLs Selector. Select the named ACL you want to use. If you have only one named ACL, Grid Manager automatically displays the named ACL. When you select this, the appliance allows clients that have the Allow permission to send and receive recursive DNS queries. You can click Clear to remove the selected named ACL.
   — Set of ACEs: Select this to configure individual ACEs. Click the Add icon and select one of the following from the drop-down list. Depending on the item you select, Grid Manager either adds a row for the selected item or expands the panel so you can specify additional information about the item you are adding, as follows.
   — IPv4 Address and IPv6 Address: Select this to add an IPv4 address. Click the Value field and enter the IP address of the remote querier. The Permission column displays Allow by default. You can change it to Deny by clicking the field and selecting Deny from the drop-down list.
   — IPv4 Network: In the Add IPv4 Network panel, complete the following, and then click Add to add the network to the list:
   • Address: Enter an IPv4 network address and either type a netmask or move the slider to the desired netmask.
   • Permission: Select Allow or Deny from the drop-down list.
   — TSIG Key: In the Add TSIG Key panel, complete the following, and then click Add to add the TSIG key to the list:
   • Key name: Enter a meaningful name for the key, such as a zone name or the name of the remote name server. This name must match the name of the same TSIG key on other name servers.
   • Key Algorithm: Select either HMAC-MD5 or HMAC-SHA256.
   • Key Data: To use an existing TSIG key, type or paste the key in the Key Data field. Alternatively, you can select the key algorithm, select the key length from the Generate Key Data drop down list, and then click Generate Key Data to create a new key.
   — Any Address/Network: Select to allow or deny queries from any IP addresses.
4. Save the configuration.

To configure forwarders for the Grid, member, or DNS view, complete the following through Grid Manager (the NIOS GUI):

1. For the Grid: From the Data Management tab, select the DNS tab, expand the Toolbar and click Grid DNS Properties.
   For a Grid Member: From the Data Management tab, select the DNS tab and click the Members tab -> member checkbox -> Edit icon.
   For a DNS View: From the Data Management tab, select the DNS tab -> Zones tab > dns_view checkbox -> Edit icon.

2. Click the Forwarders tab, and then click the Add icon.

3. Enter 52.119.40.100 or 103.80.5.100 in the text field.
— To remove a forwarder, select the IP address from the Forwarders list, and then click the Delete icon.
— To move a forwarder up or down on the list, select it and click the Up or Down arrow.

4. To use only forwarders on your network (and not root servers), select the Use Forwarders Only checkbox.

5. Save the configuration and click Restart if it appears at the top of the screen.